Landry’s Investigates Possible Card Breach

Landry’s announced on Thursday that it’s investigating reports of unauthorized charges on payment cards used at some of its restaurants.

Landry’s is a Texas-based dining, hospitality, entertainment and gaming company that owns and operates over 500 properties, including brands like Landry’s Seafood, Chart House, Saltgrass Steak House, Bubba Gump Shrimp, Claim Jumper, Morton’s The Steakhouse, McCormick & Schmick’s, Mastro’s Restaurants and Rainforest Cafe.

The company has launched an investigation in collaboration with a cyber security firm and its payment processor, but it’s unclear at this stage how many individuals or restaurants are impacted.

“Our investigation is ongoing, but based on reports to date it appears that this issue may involve the data contained in the magnetic stripe on the back of payment cards. information in the magnetic stripe generally includes a cardholder’s name, card number, expiration date, and internal verification code,” the company stated.

Landry’s said it began a process of enhancing the security of its payment systems at a majority of its restaurants, including ones that might have been targeted by cybercriminals, before reports of a possible breach surfaced.

Security blogger Brian Krebs, who was the first to report on the news, learned from his sources in the banking industry that the malicious activity appears to have started in May 2015.

Landry’s is not the only restaurant chain hit by a payment card breach. Earlier this month, the owner of Elephant Bar restaurants informed customers that it had discovered malicious software on some payment processing systems. The malware, designed to steal information such as cardholder name, card number, expiration date and verification code, was found at various locations in California, Colorado, Arizona, Missouri, Nevada, Florida and New Mexico.

Supermarket chain Safeway was also targeted by fraudsters. Krebs reported this week that credit card skimmers had been found at some stores in California and Colorado.

“Cybercriminals innovate daily – creating new malware and tactics that allow them to breach systems and steal data. During the holidays, all the organizations that use point of sale systems and process payment data are especially targeted because so much credit card, personal and financial data passes through those systems – a goldmine for the cybercriminal,” Paul Jespersen, VP of Emerging Technologies at Comodo, told SecurityWeek.

“To stay a step ahead of the cyber thieves, companies need to work with technology partners and integrators that are even more innovative than the cybercriminals and that implement back-end security technologies such as containment – which wraps an application and transaction in a protective bubble and ensures every POS system that uses the technology is protected from hacking attempts,” the expert added.

Related Reading: Eastern European Hackers Blamed for America’s Thrift Stores Breach